Tamper Data
Firefox add-on that lets you change headers and request parameters before they're sent to the server. Unlike proxy request modifiers, it's integrated into the browser, so it has no problem with HTTPS...
View ArticleWebsecurify
Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.
View ArticleAlienVault
AlienVault Open Source SIEM (OSSIM) is a complete Security Management solution that detects and profiles attacks, and provides a comprehensive, intelligent Security Management platform and toolset. -...
View ArticleSandcat Browser
Sandcat Browser 5 brings unique features that are useful for pen-testers and web developers. Sandcat is built on top of Chromium and uses the Lua programming language to provide extensions and...
View ArticleProxy.app
Proxy.app is the perfect tool for debugging and analysing both HTTP requests and responses and modify data in transit. It can be used to debug hard problems while doing web development or as a...
View ArticleZed Attack Proxy
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...
View ArticleBeEF
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
View ArticleSqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection...
View ArticleMatriux
Matriux is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing,...
View ArticleBlackBuntu
Blackbuntu is distribution for penetration testing which was specially designed for security training students and practitioners of information security. Blackbuntu is Ubuntu base distro for...
View ArticleMetasploit
Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose - for free. This...
View Articlemedusa
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible.
View ArticleL0phtCrack
L0phtCrack is a password auditing and recovery application (now called L0phtCrack 6) originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to...
View ArticleCore Impact Pro
Core Impact Pro is the most comprehensive software solution assessing and testing security vulnerabilities throughout your organization. Core Impact Pro tests across a broad spectrum of risk areas...
View ArticleImmunity CANVAS
Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals...
View ArticleAmmonite
Ammonite is a web application security scanner extension for Fiddler. Ammonite detects common vulnerabilities such as SQL injection, OS command injection, cross-site scripting, file inclusion, format...
View ArticleIronWASP
IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can...
View ArticleSOAtest
Parasoft is recognized by software development professionals as the leader in software development lifecycle automation. By integrating software development management, quality lifecycle management,...
View Article
